Part II: Security and Access
This is Part II of III of NGINX Cookbook. This part will focus on
security aspects and features of NGINX and NGINX Plus, the
licensed version of the NGINX server. Throughout this part, you
will learn the basics about controlling access and limiting abuse and
misuse of your web assets and applications. Security concepts such
as encryption of your web traffic as well as basic HTTP authentica‐
tion will be explained as applicable to the NGINX server. More
advanced topics are covered as well, such as setting up NGINX to
verify authentication via third-party systems as well as through
JSON Web Token Signature validation and integrating with Single
sign-on providers. This part covers some amazing features of
NGINX and NGINX Plus such as securing links for time-limited
access and security as well as enabling Web Application Firewall
capabilities of NGINX Plus with the ModSecurity module. Some of
the plug-and-play modules in this part are only available through
the paid NGINX Plus subscription, however this does not mean that
the core open source NGINX server is not capable of these securi‐
ties.